Skip to content

Add afterFind to auth adapter #8440

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
3 tasks done
dblythy opened this issue Feb 25, 2023 · 9 comments · Fixed by #8444
Closed
3 tasks done

Add afterFind to auth adapter #8440

dblythy opened this issue Feb 25, 2023 · 9 comments · Fixed by #8444
Labels
state:released Released as stable version state:released-alpha Released as alpha version state:released-beta Released as beta version type:feature New feature or improvement of existing feature

Comments

@dblythy
Copy link
Member

dblythy commented Feb 25, 2023
edited
Loading

New Feature / Enhancement Checklist

Current Limitation

Currently, to strip authData fields, it needs to be done in an afterFind trigger

Feature / Enhancement Description

Give authAdapters the ability to customize find response

Example Use Case

Alternatives / Workarounds

3rd Party References
@parse-github-assistant
Copy link

parse-github-assistant bot commented Feb 25, 2023
edited
Loading

Thanks for opening this issue!

  • 🎉 We are excited about your ideas for improvement!

@dblythy dblythy mentioned this issue Feb 25, 2023
Merged
1 task
@mtrezza
Copy link
Member

mtrezza commented Feb 25, 2023

Could you give more details about the issue? In what scenario would one want to strip authData fields and from what should they be stripped?

@mtrezza mtrezza added the type:feature New feature or improvement of existing feature label Feb 25, 2023
@dblythy
Copy link
Member Author

dblythy commented Feb 25, 2023
edited
Loading

For the MFA Adapter, the secret which is used to generate the OTP is only meant to be seen on the server side.

@cbaker6
Copy link
Contributor

cbaker6 commented Feb 25, 2023

Not sure if this can end up causing issues, but be mindful that most of the handling of authData happens on the client SDKs or on the client directly if a developer is using REST. See my comments in the following threads: #7737 (comment)

parse-community/Parse-SDK-JS#1353 (comment)

@dblythy
Copy link
Member Author

dblythy commented Feb 25, 2023

Yeah, I don’t see it being implemented on many with adapters, but for the MFA one we need to store a secret in auth data which shouldn’t be seen on the client side. The client SDKs already need work to support the new auth adapters

@dblythy
Copy link
Member Author

dblythy commented Feb 25, 2023

Related: https://community.parseplatform.org/t/remove-sensitive-data-from-authdata/2377/2

@parseplatformorg
Copy link
Contributor

🎉 This change has been released in version 6.1.0-alpha.3

@parseplatformorg parseplatformorg added the state:released-alpha Released as alpha version label Mar 6, 2023
@parseplatformorg
Copy link
Contributor

🎉 This change has been released in version 6.1.0-beta.2

@parseplatformorg parseplatformorg added the state:released-beta Released as beta version label May 1, 2023
@parseplatformorg
Copy link
Contributor

🎉 This change has been released in version 6.1.0

@parseplatformorg parseplatformorg added the state:released Released as stable version label May 1, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
state:released Released as stable version state:released-alpha Released as alpha version state:released-beta Released as beta version type:feature New feature or improvement of existing feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Add afterFind trigger to authentication adapters dblythy/parse-server
4 participants
@dblythy @mtrezza @cbaker6 @parseplatformorg